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(54) Autoteller systems 

(57) An autoteller system comprises 
an encryption module for encrypt- 
ing and decrypting data on user 
cards and for encrypting and de- 
crypting data communicated be- 
tween it and a remote host. The 
system is characterised by a key 
loader containing algorithm per- 
formance instructions on a ROM 
removably connectable to the en- 
cryption module for the generation 
of a master key, for an encryption 
circuit to use the master key to 
encryt a sub-key for the encrypted 
sub-key to be used as a session key 
when encrypting or decrypting data 
from a user card. 

The keys are stored in a battery- 
maintained RAM which is volatile if 
the encryption module is removed. 

The remote host is operable to 
provide the autoteller with a plural- 



ity of communiation keys where any 
selected named communication key 
can be used for encrypting and de- 
crypting data communicated be- 
tween the system and the host. The 
system is further characterised by 
the communications keys supplied 
to the system being the result of 
encryption or decryption by the en- 
cryption module of sub-keys from 
the host. 



The drawings originally filed were informal and the print here reproduced is taken from a later filed formal copy. 
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SPECIFICATION 

improvements in and relating to autoteller 
systems 

5 

The present invention relates to autotelfer sys- 
tems for the automatic dispensation of money 
to a user upon presentation of a valid card 
and receipt of correct information from the 

1 0 user validating his right to use. It particularly 
relates to autoteller systems which employ the 
technique of encryption for protection of infor- 
mation on the card and further relates to 
autoteller systems where a remote host con- 

1 5 troller communicates with the system. 

It is known to employ a card for presenta- 
tion to an autoteller wherefrom the autoteller 
reads data for matching against predeter- 
mined characteristics to validate the card and 

20 for comparison with further data furnished by 
the user validating the users right to employ 
the card. It is important to avoid persons of 
fraudulent intent being able to read the data 
on a card and understand its meaning. To this 

25 end it is known to employ cards having mag- 
netic stripes whereon the data is recorded and 
to encrypt or "shuffle" the data bits recorded 
so that even if read no pattern can be per- 
ceived. 

30 In prior art autoteller systems the autoteller 
was substantially an independent unit. None- 
theless, a surprisingly large number of per- 
sons had access to the system, including back 
staff and system maintainence personnel. Any 

35 of these persons was potentially able to dis- 
cover the manner of encryption and employ 
that knowledge themselves or through others 
simply by examination of the system. Thus, 
although the autoteller was protected against 

40 the public, it was not protected against em- 
ployees of fraudulent intent. 

Later prior art autoteller systems included 
an ability to communicate with a remote host 
system. The remote host might have been a 

45 computer installation some miles away coup- 
led to the autoteller by a serial data telephone 
link. The host would keep records of unaccep- 
table cards and so on and instruct the autotel- 
ler system in what action to take under differ- 

50 ent circumstances. The same host system 
might be in supervisory control of many auto- 
teller systems. The existence of the telephone 
line data link lays the system open to public 
interference and to access by many more 

55 employees, since the amount of equipment is 
multiplied and the line and the external host 
system are open to inspection by persons not 
in the vicinity of the aut t II r per se. Further, 
the ability of the remote host to command the 

60 autoteller syst m creates the possibility of new 
methods of fraud wher n interloper sends 
his own commands to the autoteller syst m 
instructing it to perform actions it would 
otherwise not perform under the circum- 

65 stances it finds. 



It is therefore desirable t provid an auto- 
t Her system where the manner of encryption 
of data on a card cannot be discovered by 
examination of the system itself. It is yet 
70 further desirable to provide an autoteller sys- 
tem where communication is possible with a 
remote host system without the nature of the 
communication being open to interpretation 
by persons monitoring the signals passing 
75 therebetween. 

According to a first aspect, the present 
invention consists in an autoteller system for 
dispensing money to a user on presentation of 
a valid card, said system comprising; a remo- 
80 vable master key loader for providing instruc- 
tions for the performance of an algorithm for 
the generation of a master key word, a port 
for receiving said master key loader and for 
reading said instructions therefrom, an en- 
85 cryption circuit coupled to receive an input 
word, coupled to receive a current key word, 
and operable to respond to said current key 
word to provide an output word being said 
input word encrypted according to a selected 
90 one out of a plurality of manners of encryp- 
tion, a card reader for reading data from said 
card, and a data link operable to receive a 
remotely-provided sub-key word, where said 
system is operable to receive said instructions 
95 from said port and to perform said algorithm 
to generate said master key word, where said 
system is operable to couple said master key 
word as said current key word in said encry- 
tion circuit, where said system is operable to 

1 00 couple said sub-key word as said input word 
in said encryption circuit, and where said 
system is operable to couple the output word 
resultant therefrom as a new current key word 
to said encryption circuit, said system being 

105 coupled to receive said data on said card from 
said reader and being operable thereafter to 
couple said data from said card as said input 
word to said encryption circuit for encryption 
in response to said new current key word. 

110 According to a second aspect the present 
invention consists in an autoteller system for 
dispensing money to a user on presentation of 
a valid card, said system comprising; a remo- 
vable master key loader for providing instruc- 

115 tions for the performance of an algorithm for 
the generation of a master key word, a port 
for receiving said master key loader and for 
receiving said instructions therefrom, an en- 
cryption circuit coupled to receive an input 

1 20 word, coupled to receive a current key word 
and operable to respond to said current key 
word to provide an output word being said 
input word encrypted according to a selected 
one out of a plurality of manners of encryp- 

125 tion, and a data link, where said system is 
coupled to receive said instructions from said 
port and is perable to respond th reto to 
generate said master key word, where said 
system is operable to couple said master key 

1 30 word as said current key word to said encryp- 



2 



GB2131 586A 2 



tion circuit where said syst m is c upled to 
receive from said data link a plural succession 
of communication sub-key words, and where 
said system is operable to couple ach of said 
5 communication sub-key words in turn as said 
input word to said encryption circuit to store 
the succession of resultant output words as a 
plurality of communication key words, said 
system being operable thereafter to receive 
10 indication from said data link as to which one 
of said communication key words is to be 
selected, and operable to coupled said se- 
lected communication key word as said cur- 
rent key word in said encryption circuit for the 

1 5 encryption of data sent via and received from 
said data link. 

In a preferred embodiment an autoteller 
system comprises an internal processor in 
which case the internal processor preferably 

20 provides an internal address bus and an inter- 
nal data bus for use within the auto teller. The 
autoteller preferably comprises a serial data 
interface for providing data communications 
with a remote host system. The serial data 

25 interface preferably communicates with the 
internal processor via the internal address bus 
and the internal data bus. The autoteller pre- 
ferably comprises a card reader preferably 
communicating with the internal processor via 

30 the internal address bus and the internal data 
bus and operable to read data from a card 
and communicate that data to the internal 
processor. The autoteller preferably comprises 
a keyboard and display coupled to the internal 

35 processor via the internal address bus and the 
internal data bus and operable in the one case 
to communicate data keyed in by the user to 
the internal processor and in the other case to 
provide data to the user from the internal 

40 processor. The autoteller preferably comprises 
a banknote dispenser preferably commanded 
via the internal data bus and the internal 
address bus to dispense money to the user. 
The autoteller preferably comprises an encryp- 

45 tion module communicating with the internal 
processor via the internal address bus and the 
internal data bus preferably operable to re- 
ceive data for encryption from the internal 
processor and to provide encrypted data to 

50 the internal processor. The encryption module 
is preferably seiectably operable to decrypt 
data. 

The autoteller preferably comprises a secure 
case closed behind a secure door. Within the 

55 secure case is preferably provided a secure 
enclosure preferably closed by secure screws 
unable to be undone without special tools. 
The enclosure preferably houses the internal 
processor, the encryption module and the 

60 interface circuits to the oth r elements therein. 
The autoteller pref rably comprises a key 
connector outwith the secure enclosure but 
within the secure case for providing coupling 
between the encryption module and a key 

65 loader. 



The encryption m dule pr ferably comprises 
a printed-circuit board. The printed circuit 
board preferably comprises a first edge con- 
nector for plugging into the common back- 
70 plane of the internal processor and the inter- 
face circuits. The printed circuit board prefera- 
bly comprises a second edge connector for 
providing connection to a multi-way cable for 
connecting the encryption module to the key 
75 connector. 

The key loader preferably comprises a multi- 
way plug for coupling to the key connector. 
The key loader is preferably housed within a 
case housing four indicator light-emitting di- 
80 odes. The key loader preferably comprises a 
Read-Only Memory. The Read-Only-Memory 
is preferably ultra-violet erasable, in which 
case the key loader preferably comprises an 
aperture in the case for irradiating the Read- 
85 Only Memory and a light-tight grommet affix- 
able therein for the protection of the Read- 
Only-Memory. 

The Read-Only-Jvlemory is preferably coup- 
led, via the key connector, to receive an 
90 address bus and a data bus. The encryption 
module preferably provides a chip-select sig- 
nal to the Read-Only-Memory in response 
whereto the Read-Only-Memory preferably 
provides the data on the data bus in the 
95 loation addressed by the address bus. The key 
loader preferably provides a connection to the 
Read-Only-Memory for programming the 
Read-Onry-Memory when the signal thereon 
exceeds a predetermined value, under which 
1 00 condition the Read-Only-Memory stores the 
data on the data bus in the location addressed 
by the address bus, and which program-induc- 
ing signal is preferably not provided by said 
encryption module. 
1 05 The encryption module preferably comprises 
an encryption control processor. The encryp- 
tion control processor preferably provides an 
encryption address bus and an encryption 
data bus for use in the encryption module, 
1 1 0 The encryption address bus is preferably the 
address bus supplied to the Read-Only-Mem- 
ory and the encryption data bus is preferably 
the data bus provided to the Read-Only-Mem- 
ory. 

115 The encryption module preferably comprises 
a communications register for providing com- 
munication between the internal data bus of 
the autoteller and the encryption data bus of 
the encryption control processor. 

120 The encryption module preferably a resident 
Read-Only-Memory (ROM) wherein the sys- 
tems program of the internal processor is 
stored. The internal processor preferably com- 
prises a volatile Random-Access Memory 

125 (RAM) for temporary storage of data during 
the operation of th encryption m dul and 
whose contents are lost if the power is re- 
mov d from the autoteller. Th encryption 
module preferably comprises a secure ran- 

130 d m-acc ss m m ry whose contents cannot 
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be recalled by the remot host and which is 
sustained in the ev nt of th loss f power to 
the aut teller, the autoteller preferably com- 
prising a battery backup power supply for 
5 supplying power only to the secure sustained 
RAM in the even of power loss. The backup 
power supply is preferably situated on the 
encryption module. The backup power supply 
is peferably disconnected from the secure, 

1 0 sustained RAM in the event of the printed 
cirucit board housing the encryption module 
being disconnected from the common back 
plane of the internal processor of the autotel- 
ler, in which case the secure, sustained mem- 

1 5 ory preferably loses its contents. The backup 
power supply preferably comprises a link on 
the first edge connector which is broken if the 
printed circuit board is removed therefrom. 
The secure, sustained RAM is preferably oper- 

20 able to store encryption key words. The en- 
cryption key words are preferably stored in 
secret locations therein scatterd among other 
data to create uncertainty as to which words 
stored in the secure, sustained RAM might be 

25 encryption key words. 

The encryption module preferably comprises 
an encryption block. The encryption block is 
preferably operable receive addresses and 
data respectively from the encryption address 

30 bus and the encryption data bus and is prefer- 
ably operable to provide selectabry encrypted 
or decrypted data back to the encryption data 
bus. 

The encryption module preferably comprises 

35 a flag register addressable via the encryption 
address bus and operable to receive first and 
second flag characters indicative of the en- 
cryption module having received the master 
key word and a session key word. The flag 

40 register preferably comprises comparison 
means for detecting if the predetermined flag 
characters have been deposited therein and 
operable to communicate the fact to a moni- 
tor. The monitor preferably monitors the vol- 

45 tage supplied by the battery in the backup 
power supply and detects if it is low. The 
monitor preferably provides activating signals 
to a light-emitting diode drive circuit for driv- 
ing the light-emitting diodes in the key loader. 

50 The light emitting diodes in the key loader 
preferably provide indication when the keys 
have been correctly loaded and when the 
battery is of low voltage. 
The. encryption block preferably comprises a 

55 key register comprising a plurality of eight-bit 
parallel in parallel out registers individually 
addressable from an address decoder to ac- 
cept the data on the encryption data bus 
wh n addressed by the encryption control 

60 processor via the encryption address bus. The 
encryption key register is preferably sixty-four 
bits long. The encryption block preferably 
comprises an output register preferably com- 
prising a plurality of 8-bit parallel-in-parallel- 

65 out r gisters individually in receipt of data 



from an encryption circuit itself in receipt of 
the contents of the k y register each operable 
when individually addressed by the encryption 
control processor via the address decoder op- 

70 erating on the contents of the encryption 
address bus to provide their input word onto 
the encryption data bus. There are preferably 
eight eight-bit registers in the output register. 
The encryption block preferably comprises an 

75 input register. The input register preferably 
comprises a direct register for receiving char- 
acters for encryption. The direct register pre- 
ferably comprises a plurality of plural-bit paral- 
lel-in-parallel-out registers individually addres- 

80 sable via the address decoder operating on 
the encryption address bus to accept data 
from the encryption data bus and provide it as 
output. The input register preferably com- 
prises a cyphertext register operable in the 

85 same manner as the direct register. The en- 
cryption control processor preferably is oper- 
able to load the cyphertext register with the 
result of the previous encryption as recovered 
from the output register. The output of the 

90 cyphertext register is preferably provided as 
the first input to an exclusive-or array in 
receipt of the output of the direct register as 
first input and providing output being the 
parallel-bit exclusive or function of corre- 

95 spending bits in the two outputs. The output 
of the exclusive-or array is preferably coupled 
as the first input to a diplexer and the output 
of the direct register is preferably provided as 
the second input to the diplexer which is 
1 00 selectably operable to provide the output of 
the direct register as output for coupling as 
input to the encryption circuit if direct oper- 
ation is required and to provide the output of 
the exclusive-or array as the input to the 
105 encryption circuit if cyphertext chaining of 
data to and from the remote host system is 
required. 

The communication register preferably com- 
prises a pair of buffer registers each add res sa- 

1 10 ble by the internal processor and by the 
encryption control processor, a first buffer 
being for the transfer of data from the internal 
processor for use by the encryption control 
processor and a second being for the transfer 

1 1 5 of data from the encryption control processor 
for use by the internal processor. 

In use, the encryption module preferably 
detects the power-on condition. The encryp- 
tion control processor then preferably looks to 

1 20 see if the key loader is present. If the key 
loader is present the encryption module pre- 
ferably uses the instructions in the keyloader 
directly to calculate the master key. The algor- 
ithm preferably all ws acc ss to th encryp- 

1 25 tion bl ck. The calculated master key is pre- 
ferably stored in a temporary location where 
its parity is checked. The Master key is then 
preferably stor d in a secure location in the 
sustained RAM and the contents of the tem- 

130 porary I cation delet d. The encryption mo- 
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dule preferably receives a sessi n sub-key 
from the remote host via the data link. The 
session sub-key is preferably encrypted using 
the master key as the key word to the encryp- 
5 tion circuit to create a session key. The ses- 
sion key is preferably stored in the sustained 
RAM in a secret location. The sustained RAM 
preferably contains many pieces of data so 
that it is impossible to discover by inspection 

1 0 which of the pieces of data are keys. 

The encryption module is preferably oper- 
able to receive a succession of communication 
sab-keys from the remote host system. The 
communication sub-keys are preferably en- 

15 crypted using the master key as the key word 
to the encryption circuit to create a corre- 
sponding succession of communication keys. 
The communication keys are preferably stored 
in the secure RAM in the same manner as the 

20 master and session keys. 

The remote host is preferably in a position 
to indicate to the encryption module which 
one of the communication keys it wishes to 
use. Thereafter the encryption module is pre- 

25 ferably operable to use the indicated com- 
munication key to encrypt data. The encryp- 
tion module is preferably selectably operable 
to operate in the cyphertext manner when 
instructed to do so via the remote host. The 

30 cyphertext manner preferably consists in the 
encryption of current data after is has under- 
gone an exclusive-or combination with the 
result of the previous encryption. 
The invention is further described, by way 

35 of an example, by the following description 
taken in conjunction with the appended draw- 
ings, in which: 

Figure 7 is a schematic representation of 
the various elements present in and associated 

40 with the autoteller system. 

Figure 2 shows details of the mechanical 
construction of the autoteller. 

Figure 3 shows the mechanical layout of 
the encryption module of Fig, 1 . 

45 Figure 4 shows mechanical detail of the key 
loader. 

Figure 5 shows a schematic circuit diagram 
of the key loader. 

Figure 6 shows a schematic Circuit diagram 
50 of the encryption module printed circuit board 
of Fig. 3. 

Figure 7 shows a schematic circuit diagram 
of the communication register of Fig. 6. 
Figure 8 shows a schematic circuit diagram 
55 of the encryption block of Fig. 6. 

Figure 9 shows a schematic circuit diagram 
of the input register of Fig. 8. 

Fig. 1 shows a schematic circuit diagram 
gen rally indicating the elem nts in the auto- 
60 teller of the preferred embodiment and the 
functional relationships therebetw n. 

The autotell r 1 0 compris s an aut tell r 
internal processor 12 f r controlling th im- 
mediate actions of the autoteller 1 0. The 
65 internal process r 12 provides an int rnal 



data bus 14 f r providing data to and receiv- 
ing data from th various other elements in 
the autot Her 10.. The internal processor 12 
also provides an internal address bus 16 
70 whereby each of the varoius elements in the 
autoteller 10 can be addressed for data de- 
position or data retrieval therefrom. The auto- 
teller internal controller 1 2 is, for preference, 
a minicomputer. However, it will be apparent 
75 that the function of the internal controller 1 2 
can be accomplished using any other type of 
state-sequence machine ranging from the pro- 
grammable to the hard-wired. 
The autoteller 1 0 comprises a serial data 
80 interface 18 for providing data communication 
via a serial data link 20 with a remote host 
system 22. The interface 1 8 converts parallel 
data received from the internal data bus 14 
when addressed by the internal address bus 
85 16 into a serial stream of binary digits. The 
serial data link 2d is. for preference, a three- 
wire system comprising a data wire for receiv- 
ing the series of binary digits, a clock wire for 
for carrying a clock signal for clocking the 
90 series of binary digits, and a ground wire. 
This is not restrictive, and the serial data link 
20 could equally comprise a telephone line 
and a pair of modems. Equally, any other type 
of data communication link can be used with 
95 the present invention. 

The autoteller 1 0 also comprises a card 
reader 24. The card reader 24 accepts a card 
from the autoteller user and, when addressed 
by the internal processor 1 2, informs the 

1 00 processor 1 2 that a card is present. The 
internal processor 1 2 then commands the 
card reader 24 to read data from the card and 
transfer it via the internal data bus 14 to the 
internal processor 12. 

105 The autoteller 10 further comprises a key- 
board and display 26. The internal processor 
1 2 instructs the display 26 to request the user 
to type out his personal number on the key- 
board 26. If the personal number, received 

1 1 0 via the data bus 1 4 by the internal processor 
12, does not match up with predetermined 
information recovered from the card by the 
card reader 24 according to a predetermined 
relationship after a predetermined number of 

1 1 5 attempts at entry of the personal number, the 
internal processor 1 2 instructs the card reader 
24 to swallow the card and deposit it a bin on 
the assumption that the would-be user had no 
right to use the card, being ignorant of the 

120 personal number. 

The autoteller 10 further comprises a bank- 
note dispenser 28. If the user successfully 
enters his personal number within the predet- 
ermined numb r of attempts the internal pro- 

1 25 cessor 12 instructs th display 26 to ask the 
user how much mon y he wishes to with- 
draw. The user th n resp nds by typing out 
the amount on the keyboard 26 which infor- 
mation is communicated to the internal pro- 

1 30 cessor 1 2. In response the internal processor 
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1 2 then instructs the bankn te dispenser 28 
to dispens the requir d numb r and types of 
banknotes to the user. 
The remote host system 22 can be used to 
5 control many more than just one autoteller 
10. The remote host 22 maintains records of 
bad cards and instructs the internal processor 
1 2 to retain any card in the card reader 24 
which is suspect. It is to be appreciated that 

1 0 the remote host system 22 can address a 
plurality of autotellers 10 via the same serial 
data link 20 and it is preferred that this be so. 
It is however possible to address each autotel- 
ler 10 via its own, unique serial data link 20. 

1 5 The function of the remote host processor 22 
is one of supervision and general control. The 
autoteller 10 communicates its transactions to 
the remote host system 22 and the remote 
host 22 communicates operating instructions 

20 to the autoteller 10. It is not strictly part of 
the present invention what those instructions 
might be and what data is passed between 
the host system 22 and the autoteller 10, 
save as hereinafter described in connection 

25 with the use and loading of encryption keys. 
By way of example, the autoteller 10 might 
inform the host 22 of identification informa- 
tion on the card, bank account number, and 
time of last use, all derived from the card 

30 reader 24. In response the remote host sys- 
tem 22 might instruct the autoteller 10 to 
withold or not to withold payment, or tell the 
autoteller 1 0 the upper limit of payment. 
Similarly the autoteller 1 0 may be instructed 

35 to retain the card or be informed as to what 
new information to record on the card using a 
recording facility on the card reader 24. 

The autoteller 10 lastly comprises an en- 
cryption module 30. The encryption module 

40 30 is operable to receive blocks of data from 
the internal processor 12 via the internal data 
bus 1 4 when addressed by the internal ad- 
dress bus 1 6 and to render up blocks of 
encrypted or decrypted dpta to the internal 

45 processor 12 onto the internal data bus 14 
when addressed to do so via the internal 
address bus 16. The manner of encryption of 
decryption is selectable in response to the 
encryption module responding to commands 

50 to use a selectable key. In a first mode of 
operation the internal processor 1 2 provides 
data recovered by the card reader 24 from the 
presented card to the encryption module 30 
for selectable encryption or decryption and 

55 receives the selectably encrypted or decrypted 
data back from the encryption module 30. the 
manner of encryption or decryption being pre- 
determined by the loading of a key, the key 
being variable from time to time. In a second 

60 manner of operation ne out f a plurality of 
communi communication k ys is selected by 
the remote host system 22 and data provided 
to the encryption module 30 from the internal 
processor 1 2 fro selectable encryption r de- 

65 cryption and communication back to the inter- 



nal processor 12. The data may have been 
received from the remot host system 22 by 
the internal processor 1 2 via the serial data 
link 20 and the serial data interface 18, or 

70 may be a message originated by the internal 
processor 1 2 for communication to the remote 
host system 22 in a similar manner. In a third 
manner of operation, the encryption module 
30 performs a cyphertext operation using a 

75 host 22 selectable encryption key whereby 
received data from the host 22 or data to be 
sent to the host 22 is divided into blocks and 
combined in an exclusive-or operation with 
the result of encryption or decryption of the 

80 previous block before itself being encrypted or 
decrypted. 

The term encryption is herein defined as the 
altering of the order of the binary digits in a 
plural binary digit data word according to a 
85 predetermined pattern. The term decryption is 
herein defined as the altering back of the 
order of the binary digits in an encrypted 
plural binary digit word to their original order. 
A key is herein defined as the plural binary 
90 digit word defining the pattern of encryption 
or decryption, whereby alteration of the key 
alters the pattern of encryption or decryption. 

It is to be appreciated that decryption is 
merely a special case of encryption, the pat- 
95 tern causing the decryption of a previously- 
encrypted message being, in absense of previ- 
ous encryption, just another encryption pat- 
tern. While there is no mathematical distinc- 
tion therebetween, for the purposes of the 

100 present invention and the description thereof 
encryption and decryption are treated as if 
they were seperate operations. 

Fig. 2 shows the mechanical construction of 
the autoteller 10 of Fig. 1 . 

105 The autoteller 10 is housed within a secure 
steel case 32 closed by a secure steel door 34 
which can be locked. Within the secure case 
32 is a secure enclosure 36, also made from 
steel and closed by a steel panel 38 held by 

1 1 0 special screws 40 which can only be undone 
using a special tool. The enclosure 36 houses 
the internal processor 1 2, the encryption mo- 
dule 30 and interface circuits for the other 
elements of the autoteller 10. The autoteller 

115 10 comprises a key connector 42 affixed- 
within the secure case 32 but outwith the 
secure enclosure 36 for loading encryption 
keys in a manner to be described hereunder. 
The key connector 42 is therefore accessible 

1 20 to bank personnel whenever the case 32 is 
opened. The autoteller 10 further comprises a 
banknote dispenser enclosure 44 shown in 
phantom outline for housing a safe for money 
and a dispenser mechanism and a user facta 

1 25 protrusion 46 protruding through the wall of 
the bank and presenting to the user the 
keyboard and display 26 and the dispensing 
end of the banknot dispenser. 
Fig. 3 shows mechanical details of the 

1 30 construction of the encryption module 30. 
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The encryption m dule 30 comprises a 
printed-circuit b ard 48 with a first edge 
connector 50 for conn cting the printed cir- 
cuit board 48 into the common backplane of 
5 the internal processor 1 2 through which all 
power and communication with the common 
processor 1 2 is derived. The encryption mo- 
dule 30 comprises a second edge connector 
52 on the edge of the printed circuit board 48 

10 remote from the first edge connector 50. The 
second edge connector 52 is used to load a 
secure key into the encryption module 30. A 
plug 54 mates with the second edge connec- 
tor 52, coupling it to a mufti-way flat cable 

15 56 which in turn couples the second edge 
connector 52 to the key connector 42 shown 
in Fig. 2. 

Fig. 4 shows mechanical detail of the key 
loader in conjunction with the key connector 
20 42. 

The key loader 58 is a pocketable outboard 
Read-Only-Memory (ROM) for the encryption 
module 30. The key loader 58 is housed in a 
shatterproof resin case 60 at the extreme and 

25 flared end of which is provided a key loader 
connector 62 for mating with the key connec- 
tor 42 to provide multiple connections to the 
encryption module 30. The key loader 58 
comprises an ultra-violet erasable ROM 66 

30 housed beneath an aperture 64 in the case 
60 wherethrough the ROM 64 can be irradi- 
ated if required to destroy its contents prior to 
loading fresh contents. The aperture 64 is 
closed by a light-tight grommet 68 to prevent 

35 the accidental irradiation of the ROM 66 and 
to prevent the slow attrition of its contents by . 
daylight. 

First, second, third and fourth light-emitting 
diodes (LED's) 70, 72, 74, 76 are provided in 
40 the sloping front of the case 60, directly 

driven via the key connector 42, for indicating 
key loading status in the encryption module 
30. 

Fig. 5 shows a schematic circuit diagram of 

45 the key loader 58. 

The key loader connector 62 provides a 
ground line 78 providing a common power 
return for the key loader 58. A first LED 
driving line 80 supplies illuminating power to 

50 the first LED 70, a second LED driving line 82 
provides illuminating power to the second 
LED 72, a third LED driving line 84 provides 
illuminating power to the third LED 74, and a 
fourth LED driving line 86 provides illuminat- 

55 ing power to the fourth LED 76, the first, 
second, third, and fourth LED's 70, 72, 74, 
76 each being coupled to the ground line 78 
as the common return for the illuminating 
power. 

60 The key loader 58 comprises an erasable 
Read-Only-Memory 88 corr spending to the 
ROM 66 of Fig. 4, Th ROM 88 receives 
operational power via a power fin 90. The 
ROM 88 rec ives a chip s lecting input via a 

65 chip select line 92 in r sponse whereto the 



ROM 88 is r nd red operational either to 
r ceive or render up data. The ROM 88 
receives a programming input signal via a 
programme line 94- If the voltage on the 
70 program line 94 exceeds a predetermined 
threshold value for longer than a predeter- 
mined time and the signal is provided on the 
chip select line 92 the ROM 88 stores the 
data presented to it in the location addressed. 
75 If the ROM 88 is in receipt of the signal on 
the chip select line 92 along, it renders up 
data stored in the location addressed. The 
ROM 88 is provide data on and renders up 
data to an 8-bit wide data bus 96 provided by 
80 the encryption module 30 and its locations 
are addressed via an 1 1 -bit wide address bus 
98. The ROM 88 comprises 2048 locations 
at each one of which an 8-bit parallel word 
can be stored. The encryption module 30 
85 does not programme the ROM, and conse- 
quently the programme line 94 is not pro- 
vided by the encyption module 30. The ROM 
88 is pre-programmed at another, dedicated 
installation and it will be apparent to those 
90 skilled in the art how this can be done. The 
ROM 88 need not necessarily be ultra-violet 
erasable, but can be of the once-programmed 
variety where fuse links are blown and the 
like, in which case there is no need for the 
95 aperture 64 and the grommet 68. Similarly, 
the ROM 88 can be mask-programmed before 
assembly into the key loader 58, in which 
case there is no need for providing program- 
ming facilities via the key loader connector 

100 62. As another alternative, the ROM 88 can 
be of the electrically-alterable variety in which 
case there is no need for the aperture 64 or 
the grommet 69 but there is a requirement for 
a line for cancelling the information in an 

1 05 addressed location. These and other variations 
on the nature of the ROM 88 and the differ- 
ing requirements thereof under each circum- 
stance will become apparent to those skilled 
in the art in consequence of the following 

110 description. 

Fig. 6 shows a schematic circuit diagram of 
the encryption module 30. 

The encryption module 30 comprises a 
communication register 1 00 for providing 

115 communication with the internal processor 1 2 
of the autoteller 1 0. The encryption module 
30 further comprises an encryption control 
processor 102 which provides an encryption 
data bus 96 and an encryption address bus 

1 20 98 for use as will later be described in the 
encryption module and for use as has already 
been described via the key connector 42 as 
the data bus 96 and the address bus 98 in 
the key loader 58. The communication regis- 

125 ter 100 is in rec ipt of the internal data bus 
1 4 and of th internal address bus 1 6 from 
the internal pr cessor 1 2 of the autot Her 1 0 
and is also in receipt of the encryption data 
bus 96 and of the encryption address bus 98. 

1 30 The internal pr cessor 1 2 can address the 
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communication register 1 00 to dep sit a 
block of data ther in f r later retieval by the 
encryption control processor 1 02 and can 
address the communication register 1 00 to 
5 retieve therefrom a block of data previously 
deposited therein by the encryption control 
processor 102. 

In association with the encryption control 
processor 1 02 and in receipt of the encryption 

10 data bus 96 and of the encryption address 
bus 98 there is provided a resident ROM 
104, a volatile RAM 106 and a sustained 
secure RAM 108. The resident ROM 104 is 
pre-loaded with the operating instructions for 

1 5 the encryption control processor and its con- 
tents cannot be changed. The volatile RAM 
106 is a random-access memory used as a 
temporary store by the encryption control pro- 
cessor 102. The control processor 102 can 

20 write data therein or retrieve data therefrom. 
When power is removed from the encryption 
module 30 the contents of the volatile RAM 
106 are loast. The secure sustained RAM 108 
is operated in conjunction with a backup 

25 battery power supply 1 10 providing power 
thereto via a battery power line 1 1 2. When 
power is available to the encryption module in 
the normal manner, the energy on the power 
line 1 1 2 is derived from the general source, 

30 not shown, provided via the first edge connec- 
tor 50 which source also charges up a battery 
in the backup power supply 110. When 
power is removed from the autoteller 1 0 the 
backup power supply 110 provides battery 

35 potential on the power line 112 which can 
sustain the sustained secure RAM 108 for up 
to ten days. The ground return line 1 1 4 of the 
backup power supply 1 1 Q is seperately exter- 
nalised on the first edge connector 50 and is 

40 coupled via an external lipk 1 1 6 on the first 
edge connector 50 to the. main power supply 
ground 1 1 8 to the encryption module 30 also 
provided on the first edge connector 50. 
Thus, whilst the printed qircuit board 48 is 

45 plugged in via its first edge connector 50, the 
ground return line 1 14 of the battery backup 
power supply 1 10 is coupled via the external 
link 1 1 6 to the supply ground 1 1 8 so that if 
power is removed from the autoteller 10 the 

50 battery will sustain the sustained RAM 108, 
since one side of the supply to the sustained 
RAM 1 08 is provided via the supply ground 
118. However, if power is removed from the 
autoteller 10 and the printed circuit board 48 

55 is unplugged the link 1 1 6 between the 

ground return line 114 and the power supply 
ground 1 1 8 is broken so that the battery 
backup power supply 1 10 is unable to sustain 
the secure sustained RAM 108 and its con- 

60 tents are lost. The same result nsues if the 
printed circuit board 48 is unplugged whilst 
power is still supplied to the autoteller 1 0. 
The encryption control proc ssor 1 02 can 
write data int and retriev data from the 

65 secure RAM 108. The secure RAM 108 is 



used t store data, such as ncryption keys, 
which it is not for interlopers to discover, or 
subsequently use. Thus, if the encryption mo- 
dule 30 is removed, it is not possible upon 
70 subsequent investigation to discover secret 
information nor is it possible to employ the 
encryption module 30 elsewhere since all of 
the secret information necessary for the oper- 
ation of the autoteller 1 0 is lost as soon as the 
75 encryption module 30 is unplugged. 

The encryption module 30 further com- 
prises an encryption block 120 coupled to 
receive the encryption data bus 96 and the 
encryption address bus 98. The encryption 
80 control processor 1 02 is operable to provide 
the encryption block 1 20, by a process of 
addressing and data supply, with a key for 
encryption, a data character to be encrypted 
and is operable to address the encryption 
85 block 1 20 to recover the encrypted or selecta- 
bly decrypted data. 

The encryption module 30 comprises a flag 
comparator 1 22 once again coupled to re- 
ceive the encryption data bus 96 and the 
90 encryption address bus 98 from the encryp- 
tion control processor 102. At the end of key 
loading, to be described, the encryption con- 
trol processor 1 02 deposits first and second 
predetermined flag characters in the flag com- 
95 parator 122 and the flag comparator 122 
provides indication on first and second 1 24 
1 26 flag lines to a monitor circuit 1 28 of the 
presence of the flags. The monitor 1 28 also 
checks the battery potential in the backup 

1 00 power supply 1 1 0 and detects when it falls 
below a predetermined value. The monitor 
circuit 1 28 provides activating signals to a 
LED driving circuit 1 30 operable to respond 
thereto to provide the illuminating energy to 

105 the first, second, third and fourth LED's 70, 
72, 74, 76 via the first, second, third and 
fourth LED driving lines 80, 82, 84, 86 
respectively. 
Fig. 7 shows a schematic circuit diagram of 

110 the communication register 100 of Fig. 6. 

The communication register 100 comprises 
a first interface RAM 1 32 for tfte temporary 
storage of data to be transferred from the 
internal processor 1 2 to the encryption control 

1 1 5 processor 1 02 and a second interface RAM 
133 for the temporary storage of data to be 
transferred from the encryption control proces- 
sor 102 to the internal processor 12. The 
communication register is in receipt of the 

1 20 internal address bus 1 6 of the autoteller 1 0 
and receives it as an input to a first'address 
decoder 1 34. The communication register 
1 00 is also in receipt of the encryption ad- 
dress bus 98, receiving it as an input on a 

125 second address decoder 136. fhe first ad- 
dress decoder 1 34 examiners the address on 
the internal address bus 16 and, if it lies 
within first and second numerical limits, these 
limits indicating the boundaries of the address 

1 30 field used by the internal processor 1 2 for 
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acc ssing the communication register 100, 
the first address decoder 134 provides output 
indicative trier of. The second addr ss deco- 
der 1 36 examines the address on the encryp- 
5 tion address' bus 98 and, if it lies between 
third and fourth numerical values, being the 
upper and lower limits of the address field 
used by the encryption control processor 1 02 
to access the communication register 100, it 
10 provides output indicative thereof. 

The communication register 100 comprises 
a first address diplexer 138 in receipt of the 
internal address bus 1 6 as a first input and in 
receipt of the encryption address bus 98 as a 
1 5 second input. The output indication of the first 
address decoder 1 34 is coupled as a first 
controlling input to the first address diplexer 
1 38 and the output indication of the second 
address decoder 1 36 is coupled as a second 
20 controlling input to the first address diplexer 
1 38. When the first address decoder 1 34 
provides its output indication the first address 
diplexer 1 38 provides, as its output on the 
first interface RAM address bus 139, as the 
25 address input to the first interface RAM 1 32, 
the address on the inernal address bus 1 6 of 
the internal processor 12, regardlessly of the 
indication provided by the second address 
decoder 1 36. When the second address deco- 
30 der 1 36 provides its output indication, and 
the first address decoder 1 34 does not pro- 
vide its output indication, the first address 
diplexer 138 provides, as output on the first 
interface address bus 139, the address pro- 
35 vided on the encryption address bus 98. 
When neither the first address decoder 1 34 
nor the second address decoder 1 36 provides 
output indication, the first address diplexer 
1 38 provides no output 
40 The communication register 100 comprises 
a second address diplexer 140 in receipt of 
the internal address bus 1 6 as a first input 
and in receipt of the encryption address bus 
98 as a second input. The output indication of 
45 the first address decoder 134 is provided as a 
first controlling input to the second address 
diplexer 140 and the output of the second 
address decoder 1 36 is provided as a second 
controlling input to the second address di- 
50 plexer 1 40. When the second address deco- 
der 136 provides its output indication, the 
second address diplexer 140 provides, as its 
output, regardlessly as to whether or not the 
first address decoder 1 34 is providing its 
55 output indication, on the second interface 
RAM address bus 141, the address supplied 
on the encryption address bus 98, as the 
address input to the second interface RAM 
133. When the first address decoder 1 34 
60 provides its output indication and the second 
address decoder 1 36 does not provide its 
output indication, th second addr ss diplexer 
1 40 provides, as th address input to the 
second interface RAM 133 via the second 
65 interface RAM addr ss bus 141, the address 



supplied by the internal bus 1 6 of th autotel- 
ler 10 internal processor 12. When neither 
the first address decoder 1 34 nor the second 
address decoder 136 provides its output indi- 
70 cation the second address diplexer 1 40 pro- 
vides no output. 

The communication register 1 00 comprises 
a first bidirectional data diplexer 142, in re- 
ceipt of the contents of the inernal data bus 
75 14 and selectively operable to couple the 
contents of the internal data bus 1 4 as data 
input onto a first interface RAM data bus 
144. The first data diplexer 142 is also selec- 
tably operable to couple data provided by the 
80 first interface RAM 1 32 on the first interface 
RAM data bus 1 48 as input data onto the 
encryption data bus 14. The first data diplexer 
1 42 receives the ouput of the first address 
decoder 1 34 as a first controlling input and 
85 receives the output of the second address 
decoder 136 as a second controlling input. 
When the first address decoder 1 34 provides 
its output indication, regardlessly as to 
whether or not the second address decoder 
90 136 provides its output indication, the first 
data diplexer 1 42 couples the data on the 
internal data bus 14 as data input to the first 
interface RAM 1 32 via the first data interface 
RAM data bus 144. When the second address 
95 decoder 136 provides its output indication 
and the first address decoder 1 34 does not 
provide its output indication, the first data 
diplexer 142 couples output data, provided by 
the first interface RAM 1 32 via the first 
100 interface RAM data bus 144, onto the encryp- 
tion data bus 96. When neither the first 
address decoder 1 34 nor the second address 
decoder 1 36 provides an output indication, 
the first data diplexer 1 42 neither accepts nor 
105 receives data. 

The communication register 100 further 
comprises a second data diplexer 1 46 coup- 
led to the second interface RAM via a second 
interface RAM data bus 148, coupled to se- 
1 1 0 lectably receive data from the encryption data 
bus 96 onto the second interface RAM data 
bus 148, coupled to selectably provide data 
from the second interface RAM data bus 1 48 
onto the internal data bus 14, coupled to 
115 receive the output of the first address decoder 
1 34 as a first controlling input and coupled to 
receive the output of the second address 
decoder 1 36 as a second controlling input. 
When the second address decoder 1 36 pro- 
1 20 vides its output indication, regardlessly as to 
whether the first address decoder 1 34 pro- 
vides its output indication or not, the second 
data diplexer 1 46 couples the data presented 
on the encryption data bus 96 as input data 
1 25 to be stored by the second int rface RAM 
133 to the second int rface RAM 133 via the 
second interface RAM data bus 148. When 
the first address decoder 1 34 provides its 
output indication and the second address de- 
1 30 coder 1 36 d s not provide hs output indica- 
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tion, the second data diplex r 1 46 couples 
output data from the second interface RAM 
133 provided thereby on the second interface 
RAM data bus 1 48 as input to the internal 
5 data bus 1 4. When neither the first address 
decoder 1 34 provides its output indication 
nor the second address decoder 1 36 provides 
its output indication the second data dip lexer 
1 46 neither accepts nor receives data. 

1 0 The arrangement of address decoders 1 34, 
136, address diplexers 138, 140, data diplex- 
ers 142, 146 and RAMs 132, 133 described 
allows the internal processor 1 2 to have a pre- 
emptive access to the first interface RAM 1 32 

1 5 for the deposition of data therein and a secon- 
dary right to access to the second interface 
RAM 1 33 for the retrieval of data therefrom 
and allows the encryption control processor 
1 02 to have a pre-emptive right of access to 

20 the second interface RAM 1 33 for the deposi- 
tion of data therein and a secondary right of 
access to the first interface RAM 1 32 for the 
retrieval of data therefrom. 
In operation, if the internal processor 1 2 

25 wishes to pass data or instruction words to 
the encryption control processor 102, it first 
checks to see if the second address decoder 
1 36 is providing its output indication. This is 
achieved by means of an interrogatable status 

30 register, not shown for reasons of simplicity, 
whose operation will be apparent to those 
skilled in the art. If the second address deco- 
der 1 36 is providing its output indication the 
internal processor 1 2 waits until it ceases to 

35 do so. It there is no such indication the 
internal processor 1 2 proceeds immediately 
with data transfer. The internal processor 1 2 
calls up the address of the first location in 
both the first and second interface RAMs. 

40 However, contained within the address is an 
indication as to whether the internal processor 
1 2 wishes to read or write data in the com- 
munication register 100. If the internal pro- 
cessor 1 2 wishes to write; data only the first 

45 interface RAM 1 32 is activated and if the 
internal processor 1 2 wishes to read data only 
the second interface RAM 133 is activated. 
The internal processor 1 2 addresses each of 
the locations in turn, either reading or writing 

50 data, in the RAMs 132, 133. In the first 
location, if writing, the internal processor 1 2 
deposits an instruction word indicating the 
nature of the following message, for example, 
indicating that the following data is to be 

55 encrypted in a certain manner. In a second 
location in the first interface RAM 1 32, if 
writing, the internal processor 1 2 deposits a 
length word indicating the number of data 
words following. Similarly, if reading, the in- 

60 t rnai processor 1 2 retreives the word in the 
first location of the second interface RAM 1 33 
earlier deposited therein by the encryption 
control processor 102 indicativ of the nature 
of the data following, e.g. data encryted with 

65 a particular key, and then retreives the word 



in the s cond location of the second interface 
RAM 1 33 indicative of the number of data 
words following. If writing the internal proces- 
sor 1 2 goes on to deposit the number of data 
70 words indicated and if reading the internal 
processor 1 2 goes on to ret reive the number 
of data words indicated, in each case by 
incrementing the address on the internal ad- 
dress bus 1 6 through the appropriate se- 
75 quence of addresses. 

The first and second interface RAMs 1 32 
133 are each capable of storing 1024 8-bit 
data words. The encryption processor 102, 
when wishing to operate through the com- 
80 munication register 1 00, looks to see if the 
first address decoder 134 is providing its 
output indication in the same way that the 
internal processor 1 2 looks to see if the 
second address decoder 1 36 is providing its 
85 output indication, waiting in the same manner 
until it alone wishes to access the communi- 
cation register 1 00. The only difference be- 
tween the manner of operation of the encryp- 
tion control processor 102 and the manner of 
90 operation of the internal processor 1 2 ties in 
that the internal processor 1 2 deposits data in 
the first interface RAM 1 32 and retrieves data 
from the second interface RAM 133 whereas 
the encryption control processor 1 02 deposits 
95 data in the second interface RAM 1 33 and 
retieves data from the first interface RAM 
1 32. In this way the internal processor 1 2 
and the encryption control processor 1 02 can 
pass plural-word data messages and identify- 

1 00 tng instructions between one another. 

It is not important to the understanding of 
the present invention how the internal proces- 
sor 1 2 deals with received messages, save as 
later described. In the case of the encryption 

105 control processor 102, data words are re- 
tieved one by one from locations in the vola- 
tile RAM 106 and transferred one by one to 
the appropriate locations in the second inter- 
face RAM 133. It is not possible for the 

1 1 0 encryption control processor 1 02 to recover 
data from the secure RAM 1 08 since to be 
able to acces the data therein would mean 
access to secret information. Thus the encryp- 
tion control processor 1 02 is not provided 

1 1 5 with an instruction it can obey for transferring 
data from the secure RAM 1 08 to the com- 
munication register 100. However, the en- 
cryption control processor 102 can receive 
information, notably keys, for storage in the 

1 20 secure RAM 108. This is explained below. 

Those skilled in the art will appreciated that 
means for transferring clock control to the 
RAMs 132 133 between processors 12, 102 
must be provided for the loading and unload- 

1 25 ing ther of as described. Those skilled in the 
art will also appreciate that other methods of 
transferring data between the two processors 
12, 1 02 can equally be applied to the present 
invention employing modifications thereto 

1 30 which will be apparent and, as will become 
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clear from the following description, the only 
requirement is that indication be provided 
along with the associated data as to the 
nature of the processing required to be per- 
5 formed on or having been performed on the 
data. 

Fig. 8 shows a schematic block diagram of 
the encryption block 120 of Fig. 6. 
The encryption block 1 20 comprises an 

10 input register 150 operable to receive a series 
of eight 8-bit data words from the encryption 
data bus 96 and present them as an input to 
an encryption circuit 1 52 via the encryption 
circuit input bus 154. The exact construction 

1 5 and manner of operation of the input register 
1 50 is to be described below. At this stage it 
is enough to say that a 64-bit input word is 
assembled for parallel presentation to the en- 
cryption circuit 1 50. 

20 The encryption block 1 20 further comprises 
a key register 156. The key register 156 
comprises eight 8-bit registers each coupled 
to receive an 8-bit word from the encryption 
data bus 96 to present a parallel 64-bit key 

25 word to the enctryption circuit 152 via the 
key bus 1 58. 

The encryption block 1 20 further comprises 
an output register 1 60 coupled to receive a 
64-bit parallel encrypted or decrypted word 

30 from the encryption circuit 152 in eight 8-bit 
registers each individually addressable there- 
after to render up their contents onto the 
encryption data bus 96. 
The encryption block 120 yet further com- 

35 prises an encryption address decoder 1 64 
coupled to receive the encryption address bus 
98 and operable to provide an addressing 
signal to each of the 8-bit registers in the 
input register 1 50, the key register 1 58 and 

40 the output register 160. Each of the 8-bit 
registers constitutes a seperate address to the 
encryption control processor 102. The encryp- 
tion address decoder 1 64 decoder the ad- 
dresses on the encryption address bus 98 and 

45 provides a separate activating signal to the 
selected one of the 8-bit registers whenever 
one of the 8-bit registers is addressed. Each of 
the 8-bit registers receives its own individual 
activating signal via its own individual ad- 

50 dressing line, symbolised in Fig. 8 by an input 
register address bus 166 being representative 
of the collection of addressing lines going to 
the 8-bit registers in the input register 1 50, 
an output register address bus 1 68 being 

55 representative of the collection of address 
lines going to the output register 1 60, and a 
key register address bus 1 70 being represen- 
tative of the collection of address lines going 
to the 8-bit registers in the key register 156. 

60 Not sh wn in Fig. 8 for simplicity, is a 1-bit 
control regist r seperat ly addressabl via the 
encryption data bus 96 and the encryption 
address bus 98 decoded by the ncryption 
address decoder 1 64 to accept on f the 

65 binary digits pr vided by the ncryption data 



bus 96, in just the same way as the 8-bit 
regist rs accept their inputs in, for example, 
the k y register 156. The contents of the 
control register are coupled as a further input 

70 to the encryption circuit 1 52. The encryption 
circuit 1 52 responds to the content of the 
control register by encrypting the data pro- 
vided by the input register 1 50 if the content 
of the control register is logically true and by 

75 decrypting the data provided by the input 
register 1 50 if the content of the control 
register is logically false. 

The encryption circuit 1 52 accepts a 64-bit 
input word from the input register 1 50, ac- 

80 cepts a 64-bit key word from the key register 
1 58, and provides a 64-bit encrypted or de- 
crypted version of the input word to the 
output register 1 60. The encryption cirucit 
152 employed as part of the present inven- 

85 tion in hs preferred embodiment is character- 
ised by the use of Integrated Circuit type WD 
2001 made by Western Digital Corporation 
and supporting an encryption algorithm de- 
fined in the United States National Bureau of 

90 Standards Data Encryption Standard (DES). 
Each of the 2 M different possible key words 
provided to the key register 156 elicits a 
different one of 2 64 different scrambling pat- 
terns for the order of the 64 binary digits 

95 provided by the input register 1 50 to be 

altered before presentation to the output regis- 
ter 1 60. If the encryption circuit 1 52 is 
ordered to encrypt the input register 1 50 data 
it applies the selected scrambling pattern, and 
100 if ordered to decrypt, it applies the comple- 
mentary "unscrambling'' pattern of binary di- 
git positions to undo the selected scrambling 
pattern. 

It will become clear from the following 

105 description that the particular embodiment of 
encryption circuit 1 52 chosen by way of 
example to describe the action of the pre- 
ferred embodiment of the present invention is 
not restrictive in its type. Systems encrypting 

110 and decrypting word lengths other than 64- 
bits are equally applicable, as are system 
where input and key data can be supplied 
time-sequentially rather than in parallel. Those 
skilled in the art will be aware of the modifica- 

115 tions to the preferred embodiment which 

would be required for the use of such alterna- 
tive systems. 

In use, the encryption control processor 
1 02 loads the key word into the key register 

120 1 56 8-bit word by 8-bit word until the key 
register 1 56 is full and the whole of the key 
word is therein. The encryption control pro- 
cessor 1 02, subject to the constraints to b 
described in connection with the construction 

125 and op ration of the input register 150, then 
loads the input register 1 50 8-bit word by 8- 
bit word until the whole of the input word li s 
therein and the input register 1 50 is fulf. After 
an appropriate period of waiting for the en- 

1 30 cryption circuit 152 to perform its function, 
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the encryption control processor 1 02 with- 
draws the resulting encrypt d or decrypted 
result 8-bit word by 8-bit word from the 
output register 160. 
5 Fig. 9 shows a schematic circuit diagram of 
the input register 1 50 of Fig. 8. 

The input register 1 50 comprises a direct 
register 172 coupled to receive the encryption 
data bus 96 and eight addressing fines from 

1 0 the input register address bus 1 66 one for 
addressing each of eight 8-bit registers 
therein, the direct register 172 thereby being 
loadable with a 64 bit direct data word. The 
contents of the direct register 1 72 are pro- 

1 5 vided as a 64-bit parallel word on a direct 
register output bus 1 74. 

The input register 1 50 further comprises a 
64-bit cyphertext register 176 coupled to re- 
ceive the encryption data bus 96 and a fur- 

20 ther eight addressing lines from the input 
register address bus, one for addressing each 
of eight 8-bit registers therein, the cyphertext 
register 1 76 thereby being loadable with 64- 
bit cyphertext data word in the manner earlier 

25 described. The contents of the cyphertext 
register 1 76 are provided as a 64-bit parallel 
output on a cyphertext output bus 1 78. 

The input register 1 50 further comprises an 
exclusive-or array 1 80, in receipt of the 64-bit 

30 parallel direct data word as a first input, in 
receipt of the 64-bit parallel cyphertext data 
word as a second input, and operable to 
provide a 64-bit parallel exclusive-or output 
word on an exlusive-or output bus 182, where 

35 each binary digit in the exclusive-or output 
word represents the exclusive-or function of 
the pair of binary digits in the corresponding 
positions in the direct data word and the 
cyphertext data word, the exclusive or func- 

40 tion being logically true if one or the other but 
not both of the corresponding binary digits is 
true and otherwise logicajly false, the relation- 
ship being clarified by the Boolean Equation 

45 E=D.C + C.D 

where E is the binary digit in the Exclusive-or 
output word, D is the binary digit in the direct 
data word and C is the binary digit in the 

50 cyphertext data word. 

The input register 1 50 further comprises a 
cypher flip-flop register 1 84 in receipt of a 
single bit from the encryption data bus 96 via 
a single bit input line 186 and in receipt of a 

55 single address line 188 from the input regis- 
ter address bus 166 being decoded from the 
encryption address bus 98 by the encryption 
address decoder 164. The encryption control 
process 1 02 is thereby able to cause the 

60 contents of the cypher flip-flop register 1 84 to 
assume a logically true or' a logically false 
condition. The condition of the contents of the 
cypher flip-flop register 184 is coupled as a 
cypher output signal on a cypher output line 

65 190. 



The input register 1 50 lastly comprises an 
encrypti n diplexer 1 92 in r ceipt of the 64- 
bit parallel direct data word as a first input, in 
receipt of the 64-bit parallel exclusive-or out- 

70 put word as a second input, in receipt of of 
the cypher output signal as a controlling in- 
put operable in response to the contents of 
the cypher flip-flop register 184 being logi- 
cally false to provide as output, on the 64-bit 

75 wide encryption circuit input bus 1 54, the 
direct data word on the direct data output bus 
1 74 and operable in response to the contents 
of the cypher flip-flop register 184 being 
logically true to provide, as output onto the 

80 encryption circuit input bus 1 54, the exclu- 
sive-or output word on the exclusive-or output 
bus 182. 

In operation the encryption control proces- 
sor 1 02 elects whether a straight encryption 
85 is required or a cyphertext operation. If 
straight encryption is required the encryption 
control processor 102 addresses the cypher 
flip-flop register 1 84 and sets its contents to 
logically false, having the effect of causing the 
90 encryption diplexer 192 to provide, as the 
input to the encryption circuit 1 52 on the 
encryption circuit input bus 1 54, the contents 
of the direct register 172. The encryption 
control processor 1 02 then loads the direct 
95 register 1 74 with a 64-bit direct data word as 
described, waits, and accepts the encrypted 
word from the output register 160. 

If cyphertext operation is required, the en- 
cryption control processor 1 02 addresses the 

1 00 cypher flip-flop register 1 84 and sets its con- 
tent to being logically true. This has the effect 
of causing the encryption diplexer 192 to 
provide as the encryption circuit 1 52 input 
signal on the encryption circuit input bus 1 54 

1 05 the exclusive-or output word provided on the 
exclusive-or output bus 182 by the exclusive- 
or array 180. The input register 150 is then 
ready to commence a cyphertext operation for 
the cypher-encryption of data messages to 

1 10 and from the remote-host 22. 

In order to start the cyphertext operation 
the encryption control processor 102 must 
first load the cyphertext register 176 with a 
start word. It achieves this by loading, 8-bit 

1 1 5 word by 8-bit word, a 64-bit string of all ones 
into the eight 8-bit registers making up the 
cyphertext register 1 76. The start word cho- 
sen for preference in this instance is an all- 
zeros word, but this is by no means restrictive 

1 20 and those skilled in the art will be aware of 
many other start words which can be used. 
The encryption control processor 1 02 then 
loads the first eight 8-bit bytes of the m ssage 
to b cyphertext encrypted into the direcet 

1 25 register 1 72. The exclusive or array 1 80 

provides the encryption circuit 1 52 intput bus 
1 54 with the described exclusive-or function 
generated between th contents of the cypher- 
text register 176 and the direct register 172. 

1 30 The encryption control processor 1 02 waits 
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and rec ives the output of the encryption 
circuit 1 52 from the output register 1 60, and 
this output is used as the first eight bytes of 
the cyphertext message. The encryption con- 
5 trol processor 102 takes the first eight bytes 
of the cyphertext message and places it into 
temporary storage in the volatile RAM 106. 
The encryption control processor 1 02 then 
retrieves the first eight bytes from the RAM 

10 106 and loads then into the cyphertext regis- 
ter 176. The encryption control processor 
1 02 then loads the next eight bytes of the 
message to be cyphertext encrypted into the 
direct register 1 72, waits for the encryption 

1 5 circuit 1 52 to work and stores the result in 
the volatile RAM 106 as before, once again 
retrieving the result therefrom and placing it 
into the cyphertext register 176 and loading 
the direct register 172 with the next eight 

20 bytes of the message to be cyphertext en- 
crypted. In this way the encryption control 
processor 1 02 takes the message to be cy- 
phertext encrypted from its store in the RAM 
106 by eight byte (64 bit) blocks and loads 

25 each block into the direct register 1 72, load- 
ing the cyphertext register 1 76 with the result 
of the previous encryption. The encryption 
circuit 1 52 then encrypts the result of forming 
the exclusive-or function between the contents 

30 of the direct register 1 72, namely the eight 
byte block of the data to be cyphertext en- 
crypted and the previously cyphertext-en- 
crypted eight byte block, being the contents 
of the cyphertext register 176. In this eay the 

35 encryption control processor 102 carries on 
until the whole of the message to be cypher- 
text encrypted is complete. The message is 
required to be an integral number of 64 bits 
long. 

40 In the overall operation of the autoteller 10, 
when the autoteller 1 0 is switched on, after 
an initial power-on and confidence check, the 
encryption control processor 1 02 looks to see 
if the key-loader 58 is present. It does so by 

45 calling up address 3000 hexadecimal. This is 
the address of the first location in the Read- 
only memory 88 and contains a predeter- 
mined flag character. In this instance the 
predetermined flag character is hexadecimal 

50 A, but it can any non-zero character desired. If 
the encryption control processor 1 02 sees 
data A at address 3000 hexadecimal it knows 
that the key loader 58 is plugged onto the key 
connector 42. In response the encryption con- 

55 trol processor 102 jumps to execute the pro- 
gram starting at address 3001, this being the 
next address in the ROM 88. The programme 
in the ROM 88 is any programme that the 
autoteller owner wishes to employ to generate 

60 a master key word 64 bits long. The program 
has access to use f th encryption block, and 
to cyph rtext encyption. In addition it can use 
any encryption alogithm of its own styl that 
it pleases. It can start with any data that is 

65 chosen, and use any function available 



through the encryption control processor 102. 
Th master key generation program is secret, 
and known only to the owner of the autoteller. 
In fact, the program does not even have to be 
70 known to the owner, since it is contained on 
the key loader 58. The key loader 58 when 
not in use is kept by a single bank official 
who does not need to know what is stored 
thereon. 

75 Having completed the algorithm defined by 
the contents of the ROM 88, the encryption 
control processor 88 stores the 8-byte master 
key it has generated in a temporary location in 
the volatile RAM 106. It then places a predet- 
80 ermined flag character in the flag comparator 
1 22 indicative of the master key having been 
loaded. Thereafter it signals to the internal 
processor 1 2 that it is ready to receive a 
session sub-key from the remote host 22. The 
85 internal processor 12 signals the host 22 to 
supply it with a session sub-key via the data 
link 20 and the serial data interface 1 8. The 
remote host 22 then supplies a 64-bit session 
sub-key to the internal processor 1 2 which 
90 passes it in turn to the encryption control 
processor 102. The encryption control proces- 
sor 1 02 loads the master key from its tempo- 
rary location in the volatile RAM 1 06 into the 
key register 1 56 of the encryption block 1 20, 
95 loads the received session sub-key into the 
direct register 172, commands the cypher 
flip-flop register 1 84 to produce straight en- 
cryption, and accepts the output from the 
output register 1 60 as the session key. The 

100 encryption control processor 102 then de- 
stroys the contents of the temorary storage 
location in the volatile RAM 1 06 for the 
master key, storing the master key in the 
secure RAM 1 08 in a first predetermined 

1 05 location and storing the session key in the 
secure RAM 108 in a second predetermined 
location, scattering other data throughout the 
secure RAM so that it is not possible to 
determine what data in the secure RAM 1 08 

110 represents keys. 

If, on inspection of memory location 3000 
hexadecimal the encryption control processor 
1 02 does not see A as stored data, then it 
knows that the key loader 58 is not present 

1 15 on the key connector 42. Accordingly, it re- 
tieves the master key from the predetermined 
location in the secure, sustained RAM 1 08 
and sets the predetermined flag character in 
the flag comparator 1 22 if the master key 

120 passes its parity check. The encyption control 
processor 1 02 then continues as before as if 
the master key had been loaded by the key 
loader 58. In either case, as soon as the 
session k y has be n successfully loaded from 

1 25 the remot host 22 and ncrypted using the 
master key, the encrypti n control processor 
1 02 sets a second predetermined flag charac- 
ter in the flag comparator 1 22 indicative of 
the successful loading of the session key. 

1 30 The session key is used thereafter for the 
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ncryption and decryption of data recorded on 
the card pres nted to the autoteller 1 0 by the 
prospective user. The manner of use is not 
restrictive, but, purely by way of example, the 
5 autoteller 10 can read a card, the internal 
processor 1 2 commanding the card reader 
24. The card reader 24 transfers the data it 
obtains into temporary storage in the internal 
processor 1 2. Thereafter the internal proces- 

10 sor 1 2 sends the data, or some selected part 
of the data from the card, in a block via the 
communication register 1 00, together with an 
instruction as to whether the data is to be 
encrypted or decrypted, to the encryption mo- 

1 5 dule 30. The encryption module 30 obeys the 
instruction, as will become clear from later 
description, within a predetermined range of 
operations. Having performed the required op- 
eration, as earlier described, the encryption 

20 module 30 returns the operated-upon data 
back to the internal processor 1 2. The internal 
processor 1 2 can, if it is so desired, command 
the keyboard 26 to render up its entered 
number and transfer that number to the en- 

25 cryption module 30 for encryption or decry p- 
rion, the encryption module 30 returning the 
result to the internal processor 12. The inter- 
nal process 1 2 can then operate in any de- 
sired manner according to any desired a logo r- 

30 ithm chosen by the owner of the autoteller 
upon the data derived from the card reader 
24 and from the keyboard 26 to determine 
whether a desired correspondence exists be- 
tween the number entered on the keyboard 

35 26 and the data from the card reader 24, 
validating the user's right to employ the card. 
Thereafter the autoteller 1 0 can dispense 
money to the user or not dependently upon 
whether the correspondence exists and upon 

40 whether the host system 22 allows such an 
action after authorisation communication 
therewith. 

The description so far has indicated the 
master key being loaded soley via the key 

45 loader 58. It is to be appreciated that, at the 
discretion of the owner of the autoteller 1 0, 
the master key can be loaded from the remote 
host system 22. This permits the owner to 
employ any measure of security that he so 

50 desires. 

On the understanding that, where a piece of 
data such as a key is indicated, that piece of 
data was obtained by the internal processor 
1 2 from the host system 22 and where other 

55 data such as card data and keyboard data is 
indicated, the internal processor 12 obtains h 
from its peripheral parts 24, 26, the internal 
processor 1 2 sends commands and data to 
encryption module 30 via the communication 

60 r gister 100 as describ d and r civ s data 
and indication of the operation performed 
back from the ncryption module 30. 

If the first word in a block provided via the 
communication register 100 by internal pro- 

65 cessor 12 for the ncrypti n control process 



1 02 is h xad cimal 00, th internal processor 
12 c mmands the encryptt n module 30 
merely to echo back the message it receives 
for the encryption module 30 to act as a 
70 temporary store and as a possible confidence 
test upon the encryption module 30. The 
encryption control processor 1 02 takes the 
subsequent data words into temporary storage 
in the volatile RAM 106, The encryption 
75 control processor 102 returns the temporarily 
stored data to the communication register 
1 00 for provision back to the internal proces- 
sor 1 2, causing the first character in the 
second interface RAM 1 33 to be hexadecimal 
80 50, indicatively of the following data being 
echoed data. 

If the first word in a block in the first 
interface RAM 132 is hexadecimal 31, the 
internal processor 1 2 is commanding the en- 
85 cryption module 30 to encrypt the following 
block of data by blocks of 64 bits using the 
session key. The session key is recovered from 
its secure location in the sustained RAM 1 08 
and loaded into the key register 156. Straight 
90 encryption is then performed as earlier de- 
scribed. At the end of encryption, the encryp- 
tion control processor 1 02 loads the result 
thereof from the volatile RAM 106 into the 
second interface RAM 1 33, causing the first 
95 character therein to be hexadecimal 51 to 
indicate to the internal processor 1 2 that the 
following block of data has been encrypted 
using the session key. Such an instruction and 
response can be used on data read from a 

100 user's card. 

If the first word in a block in the first 
interface RAM 1 32 is hexadecimal 32, the 
internal processor 1 2 is commanding the en- 
cryption 30 to decrypt the following block of 

1 05 data using the session key by blocks of 64 
bits. The session key is recovered from its 
secure location and loaded into the key regis- 
ter 156. Straight decryption is then performed 
as earlier described. At the end of decryption 

110 the encryption control processor 1 02 loads 
the result thereof from the volatile RAM 106 
into the second interface RAM 1 33 causing 
the first character therein to be hexadecimal 
52 indicative to the internal processor 1 2 of 

1 1 5 the following block of data having been de- 
crypted using the session key. 

If the first character in a block of data in the 
first interface RAM 132 is hexadecimal 33, 
the internal processor 1 2 is commanding the 

1 20 encryption control processor 1 02 to accept 
the following eight bytes of data as the ses- 
sion key. The encryption control processor 
102 loads the eight bytes directly into the 
secure locations earlier de described in the 

1 25 secur RAM 108. The encryption modul 30 
then signals back to the internal processor 1 2 
that the session key has been load d by 
s tting a binary digit in a device status regis- 
ter, not sh wn, whose operation will be appar- 

1 30 ent to those skilled in the art and which can 
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be interrogated by th internal processor 1 2. 

If the first character in a block of data in the 
first int rface RAM 1 32 is hexadecimal 34 the 
internal processor 1 2 is commanding the en- 
5 cryption control processor 1 02 to accept the 
following eight bytes of data as a session sub- 
key and to encrypt them using the master key 
before storage in the secure RAM 108 as the 
session key. The encryption control processor 

10 102 responds thereto as indicated, and, as 
before, sets the binary digit in the status 
register indicative of the session key having 
been loaded. 
If the first character in a block of data in the 

1 5 first interface RAM 1 32 is hexadecimal 35 the 
internal processor 1 2 is commanding the en- 
cryption control processor 1 02 to accept the 
following eight bytes of data as a session sub- 
key and to decrypt them using the master key 

20 before storage in the secure RAM 108 as the 
session key. The encryption control processor 
102 responds thereto as indicated and, as 
before, sets the binary digit in the status 
register indicatively of the session key having 

25 been loaded. 

If the first and only character in the first 
interface RAM 1 32 is hexadecimal 36 the 
internal processor 1 2 is commanding the en- 
cryption control processor 1 02 to clear the 

30 session key. The encryption control processor 
1 02 responds by clearing the secure location 
in the secure RAM 108 whereat the eight 8- 
bit bytes of the session key are stored and by 
resetting the binary digit in the status register 

35 now indicatively of the session key no longer 
being loaded. As a further action the encryp- 
tion control processor 1 02 also unloads the 
predetermined flag character from the flag 
comparator 1 22 so that it no longer provides 

40 indication of the session key being loaded. 
If the first and only character in the first 
interface RAM 132 is hexadecimal 37 the 
internal processor 1 2 is commanding the en- 
cryption control processor to clear all flags. 

45 The encryption control processor 102 resc- 
ponds by resetting all status flags, resetting all 
indications to the flag comparator 1 22 so tht 
it no longer provides indication of the session 
or master keys being loaded and by clearing 

50 the entire contents of the secure RAM 1 08, 
inclusively of the master key, so that fresh 
keys must be loaded before operation can 
continue. As will become clear from later 
description, this can include a plurality of 

55 communications keys stored therein. 

If the first word stored in the first interface 
RAM 132 is hexadecimal 38 the internal 
processor 12 is commanding the encryption 
control processor 1 02 to load the foil wing 

60 eight 8-bit characters as the master key, this 
time supplied by the remote host syst m 22, 
directly into the secure RAM 1 08 location 
reserved for it and to provide the pred ter- 
mined charact r to the flag comparator 1 22 

65 for it to provide output indication of the 



master key having been loaded, and to s t an 
appropriate flag in the device status register 
(not shown). 

If the first word stored in the first interface 

70 RAM 132 is hexadecimal 39 the internal 
processor 12 is commanding the encryption 
control processor 102 to provide cyphertext 
encryption, using the session key, in the man- 
ner already described, for the data following. 

75 The encryption control processor 102 re- 
sponds by taking the cyphertext encrypted 
data from temporary storage in the volatile 
RAM 1 06 and loading it into the second 
interface RAM 1 33, making the first character 

80 therein hexadecimal 59 indicatively of the 
following data having been cyphertext en- 
crypted. 

If the first character stored in the first 
interface RAM 132 is hexadecimal 3Athe 
85 internal processor 12 is commanding the en- 
cryption control processor 1 02 to cyphertext 
decrypt the following block of data in the 
same manner as the already described cypher- 
text encryption save that the decryption facil- 
90 rty of the encryption circuit 152 is selected. 
After the cyphertext decryption, just as for 
cyphertext encryption, having used the ses- 
sion key, the encryption control processor 
1 02 takes the cyphertext decrypted message 
95 from temporary storage in the volatile RAM 
1 06 and places it into the second interface 
RAM 133 making the first word therein hexa- 
decimal 5A indicatively to the internal proces- 
sor 1 2 of the following block of data having 

1 00 been cyphertext decrypted. 

In addition to the features already de- 
scribed, the autoteller system 10 also com- 
prises means for the transmission and recep- 
tion of secure messages between the external 

1 05 host system 22 and the internal processor 1 2 
using a selectable one out of a plurality of 
communication keys. 

After the master key and the session keys 
have been loaded into the encryption module 

110 30, the internal processor 1 2 examines the 
status register, already described but not 
shown in the drawings, whereby the encryp- 
tion control processor 1 02 signals to the 
internal processor 1 2 that all has been carried 

1 1 5 out successfully, and, if all is in order, signals 
to the external host system 22 that it is ready 
to receive communications keys or communi- 
cation sub-keys. 
The internal processor 12 receives an indi- 

1 20 cation from the external host system 22 that 
the following stream of binary digits repre- 
sents a serialisation of an ordered succession 
of one hundred 64-bit communication keys or 
communication sub-keys. The xternal host 

1 25 22 also indicat s if the following binary digits 
are actual k ys or are sub-k ys. Th internal 
proc ssor 1 2 assembles the stream of binary 
digits into a succession of 8-bit bytes for 
provision to the encryption control processor 

130 102. 
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If the first word stored in the first interface 
RAM 1 32 is hexadecimal 3B the internal 
processor 1 2 is commanding the encryption 
control processor 1 02 to accept the following 
5 eight hundred ordered bytes of data as com- 
munications keys. The encryption control pro- 
cessor 1 02 strips out the data in eight-byte 
blocks i.e. 64 bit blocks and stores each block 
in a predetermined location in the secure 

10 RAM 108 such that each block can be lo- 
cated by the calling up of its serial number. 
That is to say, by calling up the first block, 
the block first presented to the first interface 
RAM 1 32 is obtained, by calling up the 

1 5 fifteenth block the fifteenth block stored in the 
first interface RAM is obtained, and so on so 
that each block can be accessed merely by 
calling up its number lying between 1 and 
1 00. It is to be appreciated that more blocks 
- 20 or fewer blocks than 1 00 can be used in the 
present invention. Each stored block of 64 
bits becomes a communication key. The en- 
crytption control processor 1 02 thereafter sets 
a binary digit in the device status register, 

25 (already mentioned but not shown) indica- 
tively to the internal processor 1 2 of the 
communication keys having been loaded. 

If the first word stored in the first interface 
RAM 1 32 is hexadecimal 3C the internal 

30 processor 12 is commanding the encryption 
control processor 1 02 to accept the following 
succession of eight hundred ordered 8-bit 
bytes of data as communication sub-keys. The 
encryption control processor 1 02 strips out 

35 the data in eight-byte blocks and encrypts 
them using the master key, once again storing 
the result of the encryption as a succession of 
communication keys in the secure RAM 108, 
each one being individually recallable by the 

40 provision of the number i to 100 indicative 
of the serial order of its receipt among the 
other communication keys. 

If the first word stored in the first interface 
RAM 1 32 is hexadecimal 3D, the internal 

45 processor 12 is internal processor 12 is com- 
manding the encryption control processor 102 
to accept the following succession of eight 
hundred ordered 8-bit bytes of data as com- 
munication sub-keys, to be operated upon in 

50 just the same manner as if the first word 
stored had been hexadecimal 3C, save that 
the decryption function of the encryption cir- 
cuit 1 52 is selected as opposed to the encryp- 
tion function. 

55 If the first word stored in the first location 
of the first interface RAM 1 32 is hexadecimal 
40, the internal processor 1 2 is commanding 
the encryption control processor 1 1 2 to en- 
crypt the following message using an elected 

60 communication key. As stated b fore, the sec- 
ond word stored in the first interface RAM 
1 32 indicates how many data words follow. If 
the first word is 40 the encryption control 
processor 102 interprets the third word stored 

65 therein as indicating which f the hundred 



communication keys is to be used. The third 
word is therefore a number elected by the 
internal processor 12 via the external host 
system 12 from 1 to 100 for data commnica- 

70 tion purposes. The eleceted elected communi- 
cation key is loaded into the key register 1 56 
and encryption oft he remaining contents of 
the first interface RAM proceeds as before 
described. The encryption control processor 

75 102 deposits the result of the encryption from 
temporary storage in the volatile RAM 106 
into the second interface register 1 33 making 
the first word therein 60 to indicate to the 
internal processor 12 that encryption using a 

80 communication key has taken place on the 
following data, making the second word in- 
dicative of the serial number of the communi- 
cation key employed, and indicating in the 
third word the number of following data 

85 words. 

If the first word stored in the first location 
of the first interface RAM 1 32 is hexadecimal 
41 the internal processor 12 is commanding 
the encryption control processor 1 02 to de- 

90 crypt the following message using an elected 
communication key. All takes place as before 
as if the first word had been hexadecimal 40, 
save that the decryption function of the en- 
cryption circuit 1 52 is selected and the en- 

95 cryption control processor 102 makes the first 
word in the second interface RAM 1 33 hexa- 
decimal 61 as opposed to hexadecimal 60, 
indicating to the internal processor 1 2 that 
the following data stored therein has been 
1 00 decrypted using the communication key 
elected in the third word therein. 

If the first word stored in the first location 
of the first interface RAM 1 32 is hexadecimal 

43 the internal processor 12 is commanding 
105 the encryption control processor 102 to cy- 

phertext encrypt the following data using the 
communication key elected in the third word 
stored therein. Cyphertext encryption takes 
place as before described with the elected 

1 1 0 communication key loaded into the key regis- 
ter 156 from the secure RAM 108. The 
encryption control processor 1 02 deposits 
the result of the cyphertext encryption into the 
second interface RAM 133 making the first 

115 word therein hexadecimal 63 indicating to 
interna) processor 1 2 that the following data 
has been cyphertext encrypted using the com- 
munication key indicated by the number 
stored in the third location therein. 

1 20 If the first word stored in the first location 
of the first interface RAM 1 32 is hexadecimal 

44 the internal processor 1 2 is commanding 
the encryption control processor 1 02 to cy- 
phertext decrypt the the following data using 

1 25 the communication key elected in the third 
word stored therein. All takes place as if the 
first word were hexadecimal 43 save that the 
decryption facility of the encryption circuit 
1 52 is selected and that the encryption con- 

1 30 trot process r 1 02 makes the first word stored 
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in the second interface RAM 133 hexadecimal 
64 to indicate to the internal processor 1 02 
that the following data has been cyphertext 
decrypted using the communication key 
5 elected in the third word stored therein. 

In this manner, by passing keys which are 
selectabfy encryptable or decryptable using 
the master key, or are directly usable without 
encryption or decryption but are referred to 

1 0 ever afer transmission from the host 22 in 
either of the two cases by a serial number 
unrelated to their value so that an interloper 
cannot discover which key is being used for 
data communications between the host 22 

1 5 and the outoteler system 10, the communi- 
cation of data therebetween is rendered se- 
cure. The host 22 indicates whh each mes- 
sage which of the keys is to be used in what 
manner, and the internal processor 12 re- 

20 sponds by causing the encryption control pro- 
cessor 1 02 to operate upon the received data 
in the selected manner to generate the com- 
munication text, the internal processor 12 
applying the inverse command to the encryp- 

25 tion control processor 102 for the rendering 
unintelligible of data for transmission from the 
internal processor 1 2 to the host 22. 

Returning briefly to the monitor circuit 1 28 
of Fig. 6, the monitor 128 causes the first 

30 LED 70 to be lit if the master key has not 
been loaded, causes the second LED 72 to be 
lit if the master key has not been loaded and 
the encryption control processor 1 02 does not 
detect the presence of the key loader 58, 

35 causes the third and fourth LEDS 76, 78 to 
be lit if the master key has been loaded by the 
battery terminal voltage is low, and causes the 
fourth LED 78 alone to be lit if the master key 
has been successfully loaded and the unit in 

40 operational. In this manner, the security per- 
sonnel in charge of the key loader 58 can 
chart the course of the loading of the master 
key and are provided in some small part with 
a diagnosis of at least the sympton if not the 

45 cause of malfunction in the event of the 
autoteller system 10 failing to operate. 

While the monitoring operation employed to 
light the LEDs 72 74 76 78 in response to 
internal conditions in the encryption module 

50 30 has heretofore been described using a 
monitor circuit 128, it is to be appreciated 
that the function of the monitor circuit 1 28 
could be absorbed into the overall operation 
of the encryption control processor 1 02 which 

55 can set and reset latches and the like in 
response to its internal states to drive the 
LEDs 72 70 74 76. 

CLAIMS 

60 1 . An autoteller system for dispensing 
money to a user on presentation of a valid 
card, said system comprising: a r movable 
mast r key loader for providing instructions 
for the performanc of an algorithm for the 

65 generation of a master key word, a port for 



receiving said master key load r and for read- 
ing said instruction therefrom, an encryption 
circuit coupled to rec ive an input word, 
coupled to receive a current key word, and 
70 operable to respond to said current key word 
to provide an output word being said input 
word encrypted according to a selected one 
out of a plurality of manners of encryption, a 
card reader for reading data from said card, 
75 and a data link operable to receive a remotely- 
provided sub-key word, where said system is 
operable to receive said instructions from said 
port and to perform said algorithm to generate 
said master key word, where said system is 
80 operable to couple said master key word as 
said current key word in said encryption cir- 
cuit, where said system is operable to couple 
. said sub-key word as said input word in said 
encryption circuit, and where said system is 
85 operable to couple the output word resultant 
therefrom as a new current key word to said 
encryption circuit said system being coupled 
to receive said data on said card from said 
reader and being operable thereafter to couple 
90 said data from said as said input word to said 
encryption circuit for encryption in response 
to said new current key word. 

2. An autoteller system for dispensing 
money to a user on presentation of a valid 
95 card, said system comprising; a removable 
master key loader for providing instructions 
for the performance of an algorithm for the 
generation of a master key word, a port for 
receiving said master key loader and for re- 

1 00 cetving said instructions therefrom, an encryp- 
tion circuit coupled to receive an input word, 
coupled to receive a current key word and 
operable to respond to said current key word 
to provide an output word being said input 

1 05 word encrypted according to a selected one 
out of a plurality of manners of encryption, 
and a data link, where said system is coupled 
to receive said instructions from said port and 
is operable to respond thereto to generate said 

110 master key word, where said system is oper- 
able to couple said master key word as said 
current key word to said encryption circuit, 
where said system is coupled to receive from 
said data link a plural succession of communi- 

115 cation sub-key words, and where said system 
is operable to couple each of said communi- 
cation sub-keys words in turn as said input 
word to said encryption circuit to store the 
succession of resultant output words as a 

1 20 plurality of communication key words, said 
system being operable thereafter to receive 
indication from said data link as to which one 
of said communication key words is to be 
selected, and op rable to coupled said se- 

125 lected communication key w rd as said cur- 
rent key word in said encryption circuit for the 
encryption of data sent via and received from 
said data link. 

130 CLAIMS (19 Aug 83) 
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1 . An autoteller system for dispensing 
money to a user on pr sentation of a valid 
card, said system comprising an encryption 
module coupled to receive an input word, 
5 coupled to receive a current key word, and 
operable to respond to said current key word 
to provide an output word being said input 
word encrypted according to a selected one 
out of a plurality of manners of encryption; a 

10 removable master key loader forproviding 
instructions for the performance of an algor- 
ithm for the generation of a master key word, 
a port on said encryption module for receiving 
said master key loader and for reading said 

15 instructions therefrom, a card reader for read- 
ing data from said card, and a data link 
operable to receive a remotely provided sub 
key word, where said module is operable to 
receive said instructions from said port and to 

20 perform said algorithm to generate said mas- 
ter key word, where said module is operable 
to couple said master key word as said current 
key word in said encryptin module, where 
said system is operable to generate a session 

25 key word by coupling said sub key word to 
said encryption module as said input word in 
said encryption module, and by taking the 
output relevant therefrom as said session key 
word, and where said module is operable to 

30 couple said session key word as a new current 
key word in said encryption module, said 
system being coupled to receive said data on 
said card from said reader and being operable 
thereafter to couple said data from said card 

35 to said encryption module as said input word 
to said encryption module for encryption in 
response to said session key word and being 
further operable to receive back from said 
encryption module the result of said encryp- 

40 tion in response to said session key word. 

2. A system according to claim 1 whereby 
said encryption module cpmprises; an encryp- 
tion control processor for controlling the oper- 
ation of said encryption module, a secure 

45 sustained memory for receiving and storing ' 
said master key word and said session key 
word, and a backup power supply for sustain- 
ing said secure memory in the event of the 
main power supply to said system failing, 

50 where the contents of said secure, sustained 
memory are accessible to said encryption con- 
trol processor but where said encryption con- 
trol processor is unable to communicate said 
contents of said secure, sustained memory to 

55 any part of said system external to said en- 
cryption module. 

3. A system according to claim 2 wherein 
said secure, sustained m mory is coupled to 
receive and operable to store and deliver up 

60 to said encryption control processor data 
words other than said master k y word and 
said session k y word, where said master key 
word and said s ssion key word are stored at 
a plurality of predetermined locations in said 

65 secure, sustained memory int rspersed among 



the locations wh reat said other data words 
are stored and known only to said encryption 
control processor. 

4. A system according to claim 3 compris- 
70 ing an edge connector for receiving said en- 
cryption module, where said backup power 
supply comprises a link on said edge connec- 
tor for disconnecting said backup power sup- 
ply from said secure sustained memory in the 

75 event of said encryption module being re- 
moved from said system, whereby the con- 
tents of said secure, sustained memory will be 
lost to prevent external inspection thereof. 

5. A system according to claim 2, 3 or 4 
80 comprising an autoteller control processor for 

controlling the overall operation of said sys- 
tem, where said encryption module comprises 
a communication register for providing com- 
munication between said encryption control 

85 processor and said autoteller control proces- 
sor, said communication register comprising a 
first interface memory for receiving data from 
said autoteller control processor and for deliv- 
ering up data to said encryption control pro- 

90 cessor and a second interface memory for 
receiving data from said encryption control 
processor and for delivering up data to said 
autoteller control processor, 

6. A system according to claim 5 wherein 
95 said encryption control processor includes an 

encryption address bus, wherein said autotel- 
ler control processor comprises an internal 
address bus, and wherein said communication 
register comprises a first address decoder 

100 coupled to receive said internal address bus 
and operable to provide an activating signal to 
said first and second interface memories if an 
address on said internal address bus lies be- 
tween first and second predetermined limits 

105 and a second address decoder coupled to 

receive said encryption address bus and oper- 
able to provide an activating signal to said 
first and second interface memories if an 
address on said encryption address bus lies 

1 1 0 between third and fourth predetermined lim- 
its. 

7. A system according to claim 6 wherein 
said first address decoder is operable to pre- 
vent said second address decoder from pro- 

1 1 5 viding said activating signal in the event of 
the address on said internal address bus being 
between said first and second predetermined 
limits. 

8. An autoteller system for dispensing 
1 20 money to a user on presentation of a valid 

card, said system comprising; an encryption 
module coupled to receive an input word, 
coupled to receive a current key w rd and 
operable to respond to said current key word 

1 25 to provide an output word being, said input 
word, encrypted according to a selected one 
out of a plurality of manners of encryption, a 
removeable master key loader for pr viding 
instructions for the performance of an algor- 

1 30 ithm for the generation of a master key word, 
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a p rt on said module for r c iving said 
master key loader and f r receiving instruc- 
tions therefrom, and a data link, where said 
module is coupled to receive said instructions 
5 from said port and is operable to respond 
thereto to perform said algorithm to generate 
said master key word and operable to couple 
said master key word as said current key word 
to said encryption circuit, where said system 

10 is coupled to receive from said data link a 
plural succession of communication sub key 
words , and where said system is operable to 
couple each of said communication sub key 
words in turn to said encryption module said 

1 5 encryption module being operable to store the 
succession of resultant output words as a 
plurality of communication key words, said 
system being operable thereafter to receive 
indication, from said data link as to which one 

20 of said communication key words is to be 
selected, and operable to command said en- 
cryption module couple said selected com- 
munication key word as said current key word 
for the encryption of data sent via andeived 

25 from said data link. 

9. A system according to claim 8 wherein 
said encryption module comprises; an encryp- 
tion control processor for controlling the oper- 
ation of said encryption module, a secure 

30 sustained memory for receiving and storing 
said master key word and said plurality of 
communication key words, and a back up 
power supply for sustaining said secure mem- 
ory in the event of the main power supply to 

35 said system failing, where the contents of said 
secure, sustained memory are accessible to 
said encryption control processor but where 
said encryption control processor is unable to 
communicate said contents of said secure, 

40 sustained memory to any part of said system 
external to said encryption module. 

10. A system according to claim 9 
wherein said secure, sustained memory is 
coupled to receive and operable to store and 

45 deliver up to said encryption control processor 
data words other than said master key word 
and said plurality of communication key 
words, where said master key word and said 
plurality of communication key words are 

50 stored at a plurality of predetermined locations 
in said secure, sustained memory interspersed 
among the location whereat said other data 
words are stored and known only to said 
encryption control processor. 

55 11. A system according to claim 1 0 com- 
prising an edge connector for receiving said 
encryption module, where said backup power 
supply comprises a link on said edge connec- 
tor for disconnecting said backup pow r sup- 

60 ply from said secure sustained memory in the 
event of said encryption modul being re- 
moved from said syst m, whereby the con- 
tents of said secure, sustained m mory will be 
lost to prevent external inspecti n ther of. 

65 1 2. A system according to claim 9, 10 or 



1 1 comprising an autoteller c ntr I processor 
for controlling the overall operation of said 
system, wher said encryption module com- 
prises a communication register for providing 

70 communication between said encryption con- 
trol processor and said autoteller control pro- 
cessor, said communication register compris- 
ing a first interface memory for receiving data 
from said autoteller control processor and for 

75 delivering up data to said encryption control 
processor and a second interface memory for 
receiving data from said encryption control 
processor and for delivering up data to said 
autoteller control processor. 

80 1 3. A system according to claim 1 2 
wherein said encryption control processor 
comprises an encryption address bus, wherein 
. said autoteller control processor comprises an 
internal address bus, and wherein said com- 

85 munication register comprises a first address 
decoder coupled to receive said internal ad- 
dress bus and operable to provide an activat- 
ing signal to said first and second interface 
memories if an address on said internal ad- 

90 dress bus lies between first and second pre- 
determined limits and a second address deco- 
der coupled to receive said encryption address 
bus and operable to provide an activating 
signal to said first and second interface 

95 memories if an address on said encryption 
address bus lies between third and fourth 
predetermined limits. 

14. A system according to claim 1 3 
wherein said first address decoder is operable 
100 to prevent said second address decoder from 
providing said activating signal in the event of 
the address on said internal address bus being 
between said first and second predetermined 
limits. 

105 15. An autoteller system for dispensing 
money to a user upon presentation of a valid 
card, said system being characterised by com- 
prising; an encryption module coupled to re- 
ceive an input word, coupled to receive a 

110 current key word and operable to respond to 
said current key word to provide an output 
word being said input word encrypted accord- 
ing to a selected one out of a plurality of 
manners of encryption, a removable master 

1 1 5 key loader for providing instructions for the 
performance of an algorithm for the genera- 
tion of a master key word, a port on said 
encryption module for receiving said key 
loader and for reading said instructions there- 

1 20 from, and a data link operable to receive a 
remotely provided sub key word, where said 
encryption module is operable to receive said 
instructions from said port and to perform said 
algorithm t gen rate said master key word, 

1 25 wh re said encryption module is operable to 
employ said master key word as said current 
key word and said sub key word as said input 
word to generate a session key word being 
the output word resultant therefrom, and 

1 30 where, thereafter, said encryption m dule is 



19 



GB2 131 586A 



19 



operable to employ said s ssion k y word as 
said current key word in place of said master 
key word, said module further comprising an 
input register operable to perform a cyphertext 
5 encryption wherein said input word is the 
parallel binary digit. 

EXCLUSIVE-OR comparison between the word 
to be cyphertext encrypted and the output 
word generated in response to the next previ- 
1 0 ously presented word to be cyphertext en- 
crypted. 

16. A system according to claim 1 5 
wherein said encryption module comprises; an 
encryption control processor for controlling 

1 5 the operation of said encryption module, a 
secure sustained memory for receiving and 
storing said master key word and said session 
key word, and a back-up power supply for 
sustaining said secure memory in the event of 

20 the main power supply to said system failing, 
where the contents of said secure, sustained 
memory are accessible to said encryption con- 
trol processor but where said encryption con- 
trol processor is unable to communicate said 

25 contents of said secure, sustained memory to 
any part of said system external to said en- 
cryption module. 

17. A system according to claim 1 6 
wherein said secure, sustained memory is 

30 coupled to receive and operate to store and 
deliver up to said encryption control processor 
data word other than said master key word 
and said session key word, where said master 
key word and said session key word are 

35 stored at a plurality of predetermined locations 
in said secure sustained memory interspersed 
among the locations whereat said other data 
words are stored and known only to said 
encryption control processor. 

40 18. A system according to claim 1 7 com- 
prising an edge connector for receiving said 
encryption module, where said back up power 
supply comprises a link on said edge connec- 
tor for disconnecting said backup power sup- 

45 ply from said secure sustained memory in the 
event of said encryption module being re- 
moved from said system, whereby the con- 
tents of said secure, sustained memory will be 
lost to prevent external inspection thereof. 

50 19. A system according to claim 1 6, 1 7 
or 18 comprising an autoteller control proces- 
sor for controlling the overall operation of said 
system, where said encryption module com- 
prises a communication register for providing 

55 communication between said encryption con- 
trot processor and said autoteller control pro- 
cessor, said communication register compris- 
ing a first interface memory for receiving data 
from said autoteller c ntrol proc ssor and for 

60 delivering up data to said encryption control 
processor and a second interface memory for 
receiving data from said encryption control 
processor and for delivering up data to said 
autot Her control pr cessor. 

65 20. A system according to claim 1 9 



wherein said encryption c ntr I processor 
comprises an ncryption address bus, wherein 
said autoteller control processor comprises an 
internal address bus, and wherein said com- 

70 munication register comprises a ftrst address 
decoder coupled to receive said internal ad- 
dress bus operable to provide an activating 
signal to said first and second interface 
memories if an address on said internal ad- 

75 dress bus lies between first and second pre- 
determined limits and a second address deco- 
der coupled to receive said encryption address 
bus and operable to provide an activating 
signal to said first and second interface 

80 memories if an address on said encryption 
address bus lies between third and foruth 
predetermined limits. 

21 . A system according to claim 20 
wherein said first address decoder is operable 

85 to prevent said second address decoder from 
providing said activating signal in the event of 
the address on said internal address bus being 
between said first and second predetermined 
limits. 

90 22. A system substantially as described 
with reference to the appended drawings. 
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